Bootstrapping a Rackspace Windows Box

There are several projects I want to help out with Windows build automation (at least until Travis CI supports Windows builds) on cloud servers.

Since I’m not familiar at all with managing a Windows Server, let alone Windows security, there are several things I’d like to do:

Stop using Windows and go back to Linux

Launch a fresh server only when we need it

Cordon off the server to a private network

Since 1 isn’t really an option, we’ll just have to lock things down to our best ability and figure out how to manage a Windows box remotely without having to resort to using Remote Desktop. It turns out the de facto way to do this is to use WinRM (Windows Remote Management).

The Windows Rackspace images (at the time of this writing) don’t have the firewall for WinRM open, so you’ll need to do that yourself. For even further sanity, we can put this Windows box on a private network.

Our steps:

Create a private network

Build a “publicly” accessible Linux box

Write a bootstrap script that sets up the Windows firewall

Boot a Windows box on the private network with the bootstrap script

Open some Windows

First, let’s build a network to be shared between the controlling Linux machine and our Windows box(es).

In order to get your script to run, it has to be placed at C:\cloud-automation\bootstrap.cmd. If you want to use a PowerShell script you’re not completely out of luck, as you can upload more than one file (more --file arguments, up to 5). Then just execute the PowerShell script from the batch file.

What’s next?

Now you can use the Linux box as a bridge, to run commands and use tools in automation. From here, setting up the Windows box as a salt minion isn’t that bad either. Maybe I’ll figure out a great way to roll some of this into salt-cloud, if just as an extension.